Hi, recently my laptop has been acting weird.
- I'm on Windows 8.1
- I do not download viruses and my Windows Defender does not detect any viruses
- Chrome randomly closes sometimes
- sometimes, random add-ons are added to Chrome which modify websites
- the startup is SO slow. It takes about 3 minutes for Chrome to open. After that it's faster.
I have attached the FRST.txt log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-07-2015 01
Ran by pawan98 (administrator) on PAWAN-LAP on 19-07-2015 01:12:21
Running from C:\Users\pawan98\Desktop
Loaded Profiles: pawan98 (Available Profiles: pawan98 & Guest)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Filthy Brother\Filthy Brother.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\TrueColor\TrueColorALS.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Entertainment Experience) C:\Program Files\TrueColor\TrueColorUI.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google Inc.) C:\Users\pawan98\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Super PC Tools Ltd) C:\ProgramData\{4ed109c5-ebd1-edc4-4ed1-109c5ebd2717}\1AB16RN52.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Dell) C:\Program Files\Dell\Dell Data Services\DDSSvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\imstrayicon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506648 2013-12-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374424 2014-01-10] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5789512 2014-01-16] (Dell Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation)
HKLM\...\Run: [TrueColor UI] => C:\Program Files\TrueColor\TrueColorUI.exe [19491792 2014-09-09] (Entertainment Experience)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1085512 2015-01-12] (The Eraser Project)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-05-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-1189719033-285723195-1319920632-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-1189719033-285723195-1319920632-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-1189719033-285723195-1319920632-1001\...\Run: [uTorrent] => C:\Users\pawan98\AppData\Roaming\uTorrent\uTorrent.exe [1693024 2015-07-16] (BitTorrent Inc.)
HKU\S-1-5-21-1189719033-285723195-1319920632-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22012688 2015-06-20] (Google)
HKU\S-1-5-21-1189719033-285723195-1319920632-1001\...\Run: [Google Update] => C:\Users\pawan98\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-12-17] (Google Inc.)
HKU\S-1-5-21-1189719033-285723195-1319920632-1001\...\Run: [MusicManager] => C:\Users\pawan98\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7646208 2015-05-29] (Google Inc.)
Startup: C:\Users\pawan98\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1AB16RN52.lnk [2015-02-28]
ShortcutTarget: 1AB16RN52.lnk -> C:\ProgramData\{4ed109c5-ebd1-edc4-4ed1-109c5ebd2717}\1AB16RN52.exe (Super PC Tools Ltd)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-1189719033-285723195-1319920632-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1189719033-285723195-1319920632-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1189719033-285723195-1319920632-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL =
SearchScopes: HKU\S-1-5-21-1189719033-285723195-1319920632-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-1189719033-285723195-1319920632-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1
Tcpip\..\Interfaces\{C8BCBC25-BC65-4779-B182-0643075D10A7}: [DhcpNameServer] 192.168.5.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-03] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll [2014-12-11] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1189719033-285723195-1319920632-1001: @tools.google.com/Google Update;version=3 -> C:\Users\pawan98\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-1189719033-285723195-1319920632-1001: @tools.google.com/Google Update;version=9 -> C:\Users\pawan98\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\pawan98\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\pawan98\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Slides) - C:\Users\pawan98\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-13]
CHR Extension: (Google Docs) - C:\Users\pawan98\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-13]
CHR Extension: (Google Drive) - C:\Users\pawan98\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-13]
CHR Extension: (YouTube) - C:\Users\pawan98\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-13]
CHR Extension: (Adblock Plus) - C:\Users\pawan98\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-11]
CHR Extension: (Google Search) - C:\Users\pawan98\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-13]
CHR Extension: (Hola Better Internet) - C:\Users\pawan98\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-02-21]
CHR Extension: (appssave) - C:\Users\pawan98\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ihdcklglidelcaopedcfpgbnpdnjclco [2015-06-18]
CHR Extension: (Google Wallet) - C:\Users\pawan98\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-13]
CHR Extension: (Gmail) - C:\Users\pawan98\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-13]
CHR HKU\S-1-5-21-1189719033-285723195-1319920632-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\pawan98\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-01-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 Dell Data Services; C:\Program Files\Dell\Dell Data Services\DDSSvc.exe [45936 2014-11-13] (Dell)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [92528 2015-05-05] (Dell)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
R2 Filthy Brother; C:\Program Files (x86)\Filthy Brother\Filthy Brother.exe [8016046 2015-07-07] () [File not signed] <==== ATTENTION
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-18] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 My Dell Client Framework; C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.exe [168960 2014-01-10] (Dell Inc.) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-06-18] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1921768 2014-07-03] (SoftThinks SAS)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-03-04] (Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
R2 TrueColorALS; C:\Program Files\TrueColor\TrueColorALS.exe [101840 2014-09-21] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816656 2014-06-18] (Intel® Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2014-03-26] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-04-22] (Motorola Solutions, Inc.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14920 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
S3 FNETTHJM; C:\Windows\SysWOW64\drivers\fnetthjm.sys [24448 2014-12-16] (FNet Co., Ltd.) [File not signed]
S3 FNETTHJM_152D; C:\Windows\SysWOW64\drivers\fnetthjm_152D.sys [24448 2014-12-16] (FNet Co., Ltd.) [File not signed]
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [83960 2013-10-03] (Intel Corporation)
S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [128504 2013-10-03] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [199624 2014-06-06] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [100824 2013-12-18] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3488744 2014-07-29] (Intel Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-04-09] (Synaptics Incorporated)
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 OATool; \??\C:\Users\ADMINI~1\AppData\Local\Temp\OAToolx64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-19 01:12 - 2015-07-19 01:12 - 00024798 _____ C:\Users\pawan98\Desktop\FRST.txt
2015-07-19 01:12 - 2015-07-19 01:12 - 00000000 ____D C:\FRST
2015-07-19 01:11 - 2015-07-19 01:11 - 02134528 _____ (Farbar) C:\Users\pawan98\Desktop\FRST64.exe
2015-07-19 01:06 - 2015-07-19 01:09 - 00000000 ____D C:\ProgramData\jjhkaldbpopfmacbippfcdogcgeojlhn
2015-07-19 01:06 - 2015-07-19 01:07 - 00000000 ____D C:\Program Files (x86)\offerideual
2015-07-18 05:06 - 2015-07-19 01:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-18 04:59 - 2015-07-18 05:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-18 04:59 - 2015-07-18 04:59 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-18 04:49 - 2015-06-29 23:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-18 04:49 - 2015-06-29 16:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-18 04:49 - 2015-06-29 16:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-18 04:49 - 2015-06-29 16:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-18 04:49 - 2015-06-29 16:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-18 04:49 - 2015-06-29 16:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-18 04:49 - 2015-06-27 00:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-18 04:49 - 2015-06-27 00:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-18 04:49 - 2015-05-11 17:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-18 04:49 - 2015-05-07 16:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-18 04:49 - 2015-05-07 16:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-18 04:48 - 2015-05-03 16:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-18 04:48 - 2015-05-03 15:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-18 04:48 - 2015-05-02 00:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-18 03:20 - 2015-07-07 15:57 - 00010752 _____ (UG North) C:\Windows\system32\Hibiki.dll
2015-07-18 03:06 - 2015-07-18 03:06 - 00027330 _____ C:\Windows\PFRO.log
2015-07-18 03:06 - 2015-07-18 03:06 - 00000116 _____ C:\Windows\setupact.log
2015-07-18 03:06 - 2015-07-18 03:06 - 00000000 _____ C:\Windows\setuperr.log
2015-07-16 17:46 - 2015-07-16 17:46 - 00017066 _____ C:\Users\pawan98\Downloads\mr.robot.eps.1.4_3xpl0its.wmv.(2015).eng.1cd.(6237491).zip
2015-07-15 04:15 - 2015-07-09 20:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 04:15 - 2015-07-09 19:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 04:15 - 2015-07-09 17:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 04:15 - 2015-07-09 16:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 04:15 - 2015-07-09 16:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 04:15 - 2015-07-09 16:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 04:15 - 2015-07-09 16:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 04:15 - 2015-07-09 16:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 04:15 - 2015-07-09 16:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 04:15 - 2015-07-09 16:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 04:15 - 2015-07-09 16:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 04:15 - 2015-07-09 16:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 04:15 - 2015-07-09 16:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 04:15 - 2015-07-03 14:52 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-15 04:15 - 2015-07-03 14:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-15 04:15 - 2015-07-03 14:50 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-15 04:15 - 2015-07-03 14:50 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-15 04:15 - 2015-07-01 23:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 04:15 - 2015-07-01 22:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 04:15 - 2015-06-28 06:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 04:15 - 2015-06-28 06:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 04:15 - 2015-06-28 06:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 04:15 - 2015-06-28 06:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 04:15 - 2015-06-27 17:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 04:15 - 2015-06-27 04:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 04:15 - 2015-06-27 04:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 04:15 - 2015-06-27 04:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 04:15 - 2015-06-27 04:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 04:15 - 2015-06-27 04:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 04:15 - 2015-06-27 03:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 04:15 - 2015-06-27 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 04:15 - 2015-06-27 03:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 04:15 - 2015-06-27 03:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 04:15 - 2015-06-27 02:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 04:15 - 2015-06-27 02:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 04:15 - 2015-06-25 03:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 04:15 - 2015-06-15 23:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 04:15 - 2015-06-15 23:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 04:15 - 2015-06-15 22:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 04:15 - 2015-06-15 22:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 04:15 - 2015-06-15 21:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 04:15 - 2015-06-15 20:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 04:15 - 2015-05-30 22:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 04:15 - 2015-05-30 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 04:15 - 2015-05-30 20:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 04:14 - 2015-07-02 22:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 04:14 - 2015-07-02 21:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 04:14 - 2015-07-02 21:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 04:14 - 2015-07-02 21:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 04:14 - 2015-07-02 21:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 04:14 - 2015-07-02 20:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 04:14 - 2015-07-02 20:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 04:14 - 2015-07-02 19:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 04:13 - 2015-06-16 06:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 04:13 - 2015-06-16 06:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 04:13 - 2015-06-15 23:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 04:13 - 2015-06-15 23:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 04:13 - 2015-06-15 23:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 04:13 - 2015-06-15 23:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 04:13 - 2015-06-15 23:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 04:13 - 2015-06-15 22:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 04:13 - 2015-06-15 22:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 04:13 - 2015-06-15 22:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-15 04:13 - 2015-06-15 22:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 04:13 - 2015-06-15 22:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-15 04:13 - 2015-06-15 22:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-15 04:13 - 2015-06-15 22:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 04:13 - 2015-06-15 22:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 04:13 - 2015-06-15 22:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-15 04:13 - 2015-06-15 22:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 04:13 - 2015-06-15 22:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 04:13 - 2015-06-15 22:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 04:13 - 2015-06-15 22:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 04:13 - 2015-06-15 22:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 04:13 - 2015-06-15 21:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 04:13 - 2015-06-15 21:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 04:13 - 2015-06-15 21:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 04:13 - 2015-06-15 21:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 04:13 - 2015-06-15 21:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 04:13 - 2015-06-15 21:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 04:13 - 2015-06-15 21:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-15 04:13 - 2015-06-15 21:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 04:13 - 2015-06-15 21:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 04:13 - 2015-06-15 21:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 04:13 - 2015-06-15 21:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 04:13 - 2015-06-15 21:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-15 04:13 - 2015-06-15 21:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 04:13 - 2015-06-15 21:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 04:13 - 2015-06-11 04:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 04:13 - 2015-06-10 17:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 04:13 - 2015-05-07 17:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-14 21:47 - 2015-07-14 21:47 - 00931408 _____ (Google Inc.) C:\Users\pawan98\Downloads\ChromeSetup.exe
2015-07-13 04:56 - 2015-07-13 04:56 - 00021309 _____ C:\Users\pawan98\Downloads\mr.robot.eps.1.2_d3bug.mkv.(2015).eng.1cd.(6228831).zip
2015-07-13 02:06 - 2015-07-13 02:06 - 00186492 _____ C:\Users\pawan98\Downloads\watch (2).htm
2015-07-12 05:27 - 2015-07-12 05:27 - 00022557 _____ C:\Users\pawan98\Downloads\mr.robot.eps1.1_onesandzer0es.mpeg.(2015).eng.1cd.(6221246).zip
2015-07-11 04:40 - 2015-07-11 04:40 - 00029072 _____ C:\Users\pawan98\Downloads\mr.robot.eps1.0_hellofriend.mov.(2015).eng.1cd.(6186379).zip
2015-07-11 03:59 - 2015-07-11 03:59 - 00000434 _____ C:\Users\pawan98\Downloads\url (1).htm
2015-07-08 14:30 - 2015-07-08 14:30 - 08016655 _____ C:\Windows\SysWOW64\1.exe
2015-07-07 15:57 - 2015-07-07 15:57 - 00000000 ____D C:\Program Files (x86)\Filthy Brother
2015-07-07 01:51 - 2015-07-07 01:51 - 00192861 _____ C:\Users\pawan98\Downloads\watch (1).htm
2015-07-06 22:42 - 2015-07-06 22:42 - 00029363 _____ C:\Users\pawan98\Downloads\blood.and.bone.(2009).eng.1cd.(3556915).zip
2015-07-05 01:50 - 2015-07-05 01:50 - 00211886 _____ C:\Users\pawan98\Downloads\watch.htm
2015-07-04 02:40 - 2015-05-21 14:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-07-03 15:06 - 2015-07-03 15:06 - 00001161 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2015-07-03 15:06 - 2015-07-03 15:06 - 00001119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-07-03 15:06 - 2015-07-03 15:06 - 00000000 ____D C:\Users\pawan98\AppData\Roaming\Canneverbe Limited
2015-07-03 15:06 - 2015-07-03 15:06 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2015-07-03 15:06 - 2015-07-03 15:06 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2015-07-03 15:05 - 2015-07-03 15:05 - 05655320 _____ (Canneverbe Limited ) C:\Users\pawan98\Downloads\cdbxp_setup_4.5.5.5666.exe
2015-07-03 13:40 - 2015-07-03 14:21 - 00001412 _____ C:\Users\pawan98\Desktop\SAINSBURYS PHONE.txt
2015-07-02 15:37 - 2015-07-02 15:37 - 06208933 _____ C:\Users\pawan98\Downloads\Kranium - Lifestyle (Promo Single).zip
2015-07-02 02:25 - 2015-07-02 02:25 - 00145005 _____ C:\Users\pawan98\Downloads\page3.htm
2015-06-22 16:29 - 2015-04-10 01:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-06-22 16:29 - 2015-04-10 01:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-06-22 16:29 - 2015-04-01 23:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-06-22 16:29 - 2015-04-01 23:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-06-22 16:29 - 2015-04-01 04:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-06-22 16:29 - 2015-04-01 03:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-06-22 16:29 - 2015-03-20 04:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-06-22 16:29 - 2015-03-20 04:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-06-22 16:29 - 2015-03-20 03:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-06-22 16:29 - 2015-03-20 03:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-06-22 16:29 - 2015-03-20 02:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-06-22 16:29 - 2015-03-17 18:26 - 00467776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-06-22 16:29 - 2015-03-13 02:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-06-22 16:29 - 2015-03-13 01:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-06-22 16:29 - 2015-03-09 03:02 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-06-22 16:29 - 2015-03-04 02:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-06-22 16:29 - 2015-03-04 02:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-06-22 16:29 - 2015-03-02 02:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-06-22 16:29 - 2015-03-02 02:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-06-22 16:29 - 2015-01-30 01:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-06-22 16:29 - 2015-01-29 02:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-06-22 16:29 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-06-22 16:29 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-06-22 16:29 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-06-22 16:28 - 2015-03-14 09:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-06-22 16:28 - 2015-03-14 09:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-06-22 16:28 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-06-22 16:28 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-06-22 16:28 - 2015-01-23 08:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-06-22 16:28 - 2015-01-23 06:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-06-22 16:27 - 2015-02-05 21:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-06-22 16:27 - 2015-02-04 00:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-06-22 16:27 - 2015-02-04 00:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-06-22 16:27 - 2015-02-04 00:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-06-22 16:27 - 2015-02-03 00:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-06-22 16:27 - 2015-02-03 00:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-06-22 16:26 - 2015-05-25 14:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-22 16:26 - 2015-05-25 14:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-22 16:26 - 2015-04-08 23:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-06-22 16:26 - 2015-04-03 01:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-06-22 16:26 - 2015-04-03 01:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-06-22 16:26 - 2015-04-01 23:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-06-22 16:26 - 2015-04-01 23:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-06-22 16:26 - 2015-03-13 03:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-06-22 16:25 - 2015-04-13 23:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-06-22 16:25 - 2015-04-13 23:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-06-22 16:25 - 2015-04-10 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-06-22 16:25 - 2015-04-10 01:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-06-22 16:25 - 2015-03-06 03:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-06-22 16:25 - 2015-02-18 00:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-06-22 16:25 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-06-22 16:25 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-06-22 16:25 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-06-22 16:25 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-06-22 16:25 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-06-22 16:25 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-06-22 16:25 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-06-22 16:25 - 2015-01-29 02:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-22 16:25 - 2015-01-29 02:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-22 16:25 - 2015-01-29 01:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-06-22 16:25 - 2015-01-29 01:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-06-22 16:25 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-06-22 16:25 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-06-22 16:24 - 2015-04-16 07:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-06-22 16:24 - 2015-04-01 05:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-06-22 16:24 - 2015-04-01 05:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-06-22 16:24 - 2015-04-01 05:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-06-22 16:24 - 2015-04-01 05:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-06-22 16:24 - 2015-04-01 04:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-06-22 16:24 - 2015-04-01 04:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-06-22 16:24 - 2015-04-01 04:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-06-22 16:24 - 2015-04-01 03:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-06-22 16:24 - 2015-04-01 03:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-06-22 16:24 - 2015-04-01 03:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-06-22 16:24 - 2015-04-01 03:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-06-22 16:24 - 2015-04-01 03:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-06-22 16:24 - 2015-04-01 03:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-06-22 16:24 - 2015-03-13 05:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-06-22 16:24 - 2015-03-13 05:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-06-22 16:24 - 2015-03-11 02:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-06-22 16:24 - 2015-03-11 02:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-06-22 16:24 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-06-22 16:24 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-06-22 16:24 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-06-22 16:24 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-06-22 16:24 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-06-22 16:24 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-06-22 16:24 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-06-22 16:24 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-06-22 16:23 - 2015-03-06 04:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-06-22 16:23 - 2015-03-06 03:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-06-22 16:23 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-06-22 16:23 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-06-22 16:23 - 2015-01-28 00:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-06-22 16:23 - 2015-01-28 00:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-06-22 16:23 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-06-22 15:50 - 2015-06-22 15:50 - 00004036 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-06-22 15:50 - 2015-06-22 15:50 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-06-22 15:50 - 2015-06-22 15:50 - 00003224 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-06-22 15:49 - 2015-06-22 15:49 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2015-06-22 15:49 - 2015-06-22 15:49 - 00000000 ____D C:\Program Files\Dell Support Center
2015-06-20 16:20 - 2015-06-20 16:20 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-06-20 16:20 - 2015-06-20 16:20 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-06-20 15:15 - 2015-07-19 01:06 - 01551328 _____ C:\Windows\WindowsUpdate.log
2015-06-19 22:39 - 2015-06-19 22:39 - 01048576 _____ C:\Users\pawan98\Downloads\TP_PROG.dbs
2015-06-19 21:46 - 2015-06-19 21:46 - 00001323 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-06-19 21:46 - 2015-06-19 21:46 - 00000000 ____D C:\Windows\en
2015-06-19 21:45 - 2015-06-19 21:45 - 00001392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-06-19 21:45 - 2015-06-19 21:45 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-06-19 21:45 - 2015-06-19 21:45 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-06-19 21:44 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-06-19 21:44 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-06-19 21:44 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-06-19 21:44 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-06-19 21:44 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-06-19 21:44 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-06-19 21:44 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-06-19 21:44 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-06-19 21:44 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-06-19 21:44 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-06-19 21:44 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-06-19 21:44 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-06-19 21:42 - 2015-06-19 21:46 - 00000000 ____D C:\Users\pawan98\AppData\Local\Windows Live
2015-06-19 21:42 - 2015-06-19 21:42 - 01239752 _____ (Microsoft Corporation) C:\Users\pawan98\Downloads\wlsetup-web.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-19 01:10 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-19 01:07 - 2015-06-18 22:27 - 00000024 _____ C:\Users\pawan98\AppData\Roaming\appdataFr25.bin
2015-07-19 00:59 - 2014-12-03 19:06 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1189719033-285723195-1319920632-1001
2015-07-19 00:54 - 2014-12-17 01:46 - 00000000 ___RD C:\Users\pawan98\Google Drive
2015-07-19 00:54 - 2014-12-03 19:12 - 00002060 _____ C:\Users\Public\Desktop\Google Slides.lnk
2015-07-19 00:54 - 2014-12-03 19:12 - 00002058 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2015-07-19 00:54 - 2014-12-03 19:12 - 00002048 _____ C:\Users\Public\Desktop\Google Docs.lnk
2015-07-19 00:54 - 2014-12-03 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-07-18 21:26 - 2014-12-06 21:38 - 00000000 ____D C:\Users\pawan98\AppData\Roaming\vlc
2015-07-18 21:18 - 2014-12-17 02:57 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1189719033-285723195-1319920632-1001UA.job
2015-07-18 21:10 - 2014-12-03 19:02 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{D1075B80-BEC0-41D0-9F7A-372C23914060}
2015-07-18 05:07 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-18 05:06 - 2015-02-23 09:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-18 05:05 - 2014-12-11 04:15 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-18 05:05 - 2014-12-09 12:38 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-18 05:04 - 2014-12-06 19:19 - 00000000 ____D C:\Users\pawan98\AppData\Roaming\uTorrent
2015-07-18 05:01 - 2014-12-07 05:13 - 00000000 ____D C:\Windows\system32\MRT
2015-07-18 04:45 - 2014-12-03 19:10 - 00000000 ____D C:\Users\pawan98\AppData\Local\Adobe
2015-07-18 04:40 - 2014-12-03 20:27 - 00000000 ____D C:\Users\pawan98\AppData\Roaming\Skype
2015-07-18 03:20 - 2015-02-28 18:27 - 00000000 ____D C:\ProgramData\{4ed109c5-ebd1-edc4-4ed1-109c5ebd2717}
2015-07-18 03:18 - 2014-11-03 17:51 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-07-18 03:17 - 2015-06-15 19:10 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2015-07-18 03:14 - 2014-03-18 10:53 - 00865408 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-18 03:06 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-18 03:06 - 2013-08-22 15:44 - 00482944 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-17 05:04 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-17 05:02 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-17 05:02 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-07-17 05:02 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-07-17 05:02 - 2013-08-22 16:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-07-17 05:02 - 2013-08-22 16:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-17 05:02 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\WinStore
2015-07-17 05:02 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-07-17 05:02 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-07-17 02:20 - 2015-06-18 20:20 - 00000346 _____ C:\Windows\Tasks\EasyBoost.job
2015-07-16 05:22 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-16 02:01 - 2014-12-03 18:56 - 00000000 ____D C:\Users\pawan98\AppData\Local\Packages
2015-07-16 01:18 - 2014-12-17 02:57 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1189719033-285723195-1319920632-1001Core.job
2015-07-16 01:13 - 2014-12-17 02:57 - 00003886 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1189719033-285723195-1319920632-1001UA
2015-07-16 01:13 - 2014-12-17 02:57 - 00003506 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1189719033-285723195-1319920632-1001Core
2015-07-14 21:48 - 2014-12-03 19:09 - 00002277 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-13 22:10 - 2015-04-22 18:19 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-13 22:10 - 2015-04-22 18:19 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-13 16:08 - 2014-12-03 19:12 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-13 16:08 - 2014-12-03 19:12 - 00000000 ____D C:\ProgramData\Skype
2015-07-06 17:28 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-07-06 15:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2015-07-05 11:08 - 2014-12-14 05:01 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 16:43 - 2015-06-18 20:21 - 00000000 ____D C:\Program Files (x86)\appssave
2015-07-03 08:43 - 2014-12-07 05:13 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-29 01:36 - 2014-12-17 02:12 - 00000000 ____D C:\Users\pawan98\AppData\Roaming\Mp3tag
2015-06-22 15:49 - 2014-11-03 17:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-06-22 15:48 - 2014-11-03 17:50 - 00000000 ____D C:\ProgramData\PCDr
2015-06-21 22:02 - 2014-12-03 19:09 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-21 22:02 - 2014-12-03 19:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-20 16:40 - 2015-02-23 09:51 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-20 16:33 - 2013-08-22 14:25 - 00000167 _____ C:\Windows\win.ini
2015-06-20 15:53 - 2014-12-03 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-20 02:20 - 2015-06-18 20:20 - 00000000 ____D C:\ProgramData\{5b7196da-a939-9658-5b71-196daa935b6a}
2015-06-19 22:41 - 2015-04-03 16:31 - 00000000 ____D C:\Users\pawan98\AppData\Roaming\U3
==================== Files in the root of some directories =======
2015-06-18 22:27 - 2015-07-19 01:07 - 0000024 _____ () C:\Users\pawan98\AppData\Roaming\appdataFr25.bin
2015-03-13 00:19 - 2015-03-13 00:19 - 0000000 _____ () C:\Users\pawan98\AppData\Local\{C2519451-8442-4D36-8CD6-B2009A8F3929}
2014-11-03 17:35 - 2014-11-03 17:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\pawan98\AppData\Local\Temp\591D.exe
C:\Users\pawan98\AppData\Local\Temp\5D.exe
C:\Users\pawan98\AppData\Local\Temp\84B1.exe
C:\Users\pawan98\AppData\Local\Temp\BB17.exe
C:\Users\pawan98\AppData\Local\Temp\E80F.exe
C:\Users\pawan98\AppData\Local\Temp\Hibiki.dll
C:\Users\pawan98\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-03 16:39
==================== End of log ============================
ADDITION.TXT
Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-07-2015 01
Ran by pawan98 at 2015-07-19 01:13:27
Running from C:\Users\pawan98\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1189719033-285723195-1319920632-500 - Administrator - Disabled)
Guest (S-1-5-21-1189719033-285723195-1319920632-501 - Limited - Disabled) => C:\Users\Guest
pawan98 (S-1-5-21-1189719033-285723195-1319920632-1001 - Administrator - Enabled) => C:\Users\pawan98
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1189719033-285723195-1319920632-1001\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
AMD Catalyst Install Manager (HKLM\...\{161E08DE-252C-5567-ECEB-52D173E88224}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
appssave (HKLM-x32\...\{1E38F0E0-5499-CDAF-F946-BA3D053AABC2}) (Version: - )
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5666 - CDBurnerXP)
Cisco Packet Tracer 6.1 Student (HKLM-x32\...\Cisco Packet Tracer 6.1 Student_is1) (Version: - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.60 - Dell Inc.)
Dell Data Services (HKLM\...\{90F9BFC9-A2A9-403F-9A40-1063FAD035BA}) (Version: 1.1.6.0 - Dell Inc.)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{90B2EE35-59D0-4A1F-B125-9F678D46A955}) (Version: 2.1.125.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.9 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{E3CECF25-A529-415E-8F9A-D53C40E5E94C}) (Version: 1.3.9000.0 - Dell Inc.)
EaseUS Data Recovery Wizard 8.5 (HKLM\...\EaseUS Data Recovery Wizard 8.5_is1) (Version: - EaseUS)
EaseUS Partition Master 9.3.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
Eraser 6.2.0.2962 (HKLM\...\{C6E287F1-2E47-45F0-BB51-94F815CFFB48}) (Version: 6.2.2962 - The Eraser Project)
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
Google Chrome (HKLM-x32\...\{DDCA236C-A28B-3979-8855-B7475BCAD806}) (Version: 66.30.49223 - Google, Inc.)
Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{694000a5-c594-49d2-b6e4-ef3960120b0f}) (Version: 17.1.0 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1189719033-285723195-1319920632-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mp3tag v2.66 (HKLM-x32\...\Mp3tag) (Version: v2.66 - Florian Heidenreich)
Music Manager (HKU\S-1-5-21-1189719033-285723195-1319920632-1001\...\MusicManager) (Version: - Google, Inc.)
My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell)
My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) Hidden
OEM Application Profile (HKLM-x32\...\{8F92E0CF-620B-5C20-F292-59C93567B06D}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
offerideual (HKLM-x32\...\{BC799F5F-37C9-ACBB-BE51-805992C10610}) (Version: - ) <==== ATTENTION
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.16.007 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7152 - Realtek Semiconductor Corp.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{1110A014-1471-4B66-BFDC-E8EED120CC59}) (Version: 6.0.20.0 - Husdawg, LLC)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
Torres Box Tuning Calculator version 1.1 (HKLM-x32\...\{D9B30331-BBF9-4CC7-940A-D735A324E100}_is1) (Version: 1.1 - Chris Torres)
True Color (HKLM-x32\...\{9ece0e50-5966-4a25-a5ef-c93d1e209b04}) (Version: 5.0.0.1 - Entertainment Experience)
True Color (Version: 5.0.0.1 - Entertainment Experience LLC) Hidden
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1189719033-285723195-1319920632-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\pawan98\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1189719033-285723195-1319920632-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\pawan98\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1189719033-285723195-1319920632-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1189719033-285723195-1319920632-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\pawan98\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1189719033-285723195-1319920632-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\pawan98\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1189719033-285723195-1319920632-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\pawan98\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1189719033-285723195-1319920632-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\pawan98\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
24-06-2015 01:45:38 Windows Update
27-06-2015 19:38:17 Windows Update
01-07-2015 21:15:37 Windows Update
05-07-2015 01:52:27 Windows Update
10-07-2015 03:32:44 Windows Update
13-07-2015 04:38:50 Windows Update
17-07-2015 04:57:08 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1683CEC8-B370-40BA-AC26-AF1A28E80164} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {2747A1F6-4455-4FBF-9AB4-957FC02BA876} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {2D5EE8B1-C304-460D-8244-F79A59ACFCB6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1189719033-285723195-1319920632-1001Core => C:\Users\pawan98\AppData\Local\Google\Update\GoogleUpdate.exe [2014-12-17] (Google Inc.)
Task: {36702350-F0BD-4181-9D58-AE6CA22F51A9} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-04-09] (Synaptics Incorporated)
Task: {38A55294-9BFC-4CC1-8847-76CC41117E65} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1189719033-285723195-1319920632-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {4132BB3A-94C6-4BAA-A115-9EC486B2CAD1} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {46F3BC35-03CB-4977-99C9-EF31F5C654BE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {544C89C3-F451-4DD2-A265-ACCDF4012F16} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {71DA83CF-DFEB-4CF8-9A44-70B37AB4ACDA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7951B951-6896-4A4B-B4DA-9C01EAEAAF29} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1189719033-285723195-1319920632-1001UA => C:\Users\pawan98\AppData\Local\Google\Update\GoogleUpdate.exe [2014-12-17] (Google Inc.)
Task: {88FEFD67-52D8-4DA4-A248-72070BB38630} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-02-23] ()
Task: {91BF8994-D50E-4BB2-9021-8D6CD06F3807} - System32\Tasks\EasyBoost => c:\programdata\{5b7196da-a939-9658-5b71-196daa935b6a}\d449.exe [2014-06-18] () <==== ATTENTION
Task: {9D93C758-0F2D-477F-A48F-F8F7C3445916} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {ADC4718E-50B4-4126-B8F5-7151D216B194} - System32\Tasks\AdobeAAMUpdater-1.0-Pawan-Lap-pawan98 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {B10A4ADF-83DE-4042-94E8-CCC1BD5D9BA9} - System32\Tasks\{848A90AB-3696-46A9-897A-6D0C9E68BD7B} => pcalua.exe -a "C:\Users\pawan98\AppData\Roaming\WTools\Selection Tools\Selection Tools Uninstall.exe" -c /cpanel=1
Task: {BF32C058-2CF0-4E41-A7F6-7E05B8508CD7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {D4530C29-1CFF-4350-9FED-B6705207BE3A} - \Run_Bobby_Browser No Task File <==== ATTENTION
Task: {E41C4596-C3DB-499B-AAE3-0CFC7D9A423B} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.)
Task: {E44ABBEE-D79C-482F-BBDD-3AA3DA5FF96B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {E5E82E27-5F13-43B8-9CF3-A7AB8887F2E7} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {E8174276-5ADA-42F5-B9CE-32A100D1436B} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\EasyBoost.job => c:\programdata\{5b7196da-a939-9658-5b71-196daa935b6a}\d449.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1189719033-285723195-1319920632-1001Core.job => C:\Users\pawan98\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1189719033-285723195-1319920632-1001UA.job => C:\Users\pawan98\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2013-12-24 15:05 - 2013-12-24 15:05 - 00466944 _____ () C:\Windows\system32\DPPPlugin.dll
2014-09-03 13:31 - 2014-09-03 13:31 - 00034304 _____ () C:\Windows\System32\ssy3clm.dll
2015-07-07 15:57 - 2015-07-07 15:57 - 08016046 _____ () C:\Program Files (x86)\Filthy Brother\Filthy Brother.exe
2014-09-21 11:46 - 2014-09-21 11:46 - 00101840 _____ () C:\Program Files\TrueColor\TrueColorALS.exe
2014-11-01 18:57 - 2014-03-07 17:21 - 00080312 _____ () C:\Windows\system32\igfxexps.dll
2014-01-10 23:53 - 2014-01-10 23:53 - 00016384 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Interfaces.dll
2014-01-10 23:53 - 2014-01-10 23:53 - 00081408 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Objects.dll
2014-01-10 23:53 - 2014-01-10 23:53 - 00815616 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Resources.dll
2014-01-11 00:24 - 2014-01-11 00:24 - 00052736 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.Client.Pulse.Agent.Plugins.SelfUpdate.dll
2014-01-11 00:24 - 2014-01-11 00:24 - 00019968 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.Client.Pulse.Agent.Common.dll
2015-01-21 15:01 - 2015-01-21 15:01 - 08898728 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-11-03 17:52 - 2014-07-03 06:55 - 00487144 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2015-06-22 15:49 - 2015-05-20 02:26 - 00107256 _____ () C:\Program Files\Dell\SupportAssist\libCSharpCommonCS.dll
2015-06-22 15:49 - 2015-05-20 02:26 - 00553720 _____ () C:\Program Files\Dell\SupportAssist\libAsapiCSharp.dll
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-19 01:05 - 2015-07-19 01:05 - 00140800 _____ () c:\windows\temp\tmpzbcdsr.dll
2015-05-29 21:04 - 2015-05-29 21:04 - 00117248 _____ () C:\Users\pawan98\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2015-05-29 21:04 - 2015-05-29 21:04 - 00234496 _____ () C:\Users\pawan98\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2015-05-29 21:04 - 2015-05-29 21:04 - 00253440 _____ () C:\Users\pawan98\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2015-05-29 21:04 - 2015-05-29 21:04 - 00344064 _____ () C:\Users\pawan98\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2014-11-03 17:42 - 2013-12-18 18:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-11-03 17:52 - 2014-07-31 02:37 - 01906464 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2014-11-03 17:52 - 2012-11-26 08:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2014-11-03 17:51 - 2012-11-26 08:19 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 00237352 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-07-19 00:54 - 2015-07-19 00:54 - 00098816 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\win32api.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00110080 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\pywintypes27.dll
2015-07-19 00:54 - 2015-07-19 00:54 - 00364544 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\pythoncom27.dll
2015-07-19 00:54 - 2015-07-19 00:54 - 00045568 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\_socket.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 01161216 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\_ssl.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00320512 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\win32com.shell.shell.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00713216 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\_hashlib.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 01175040 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\wx._core_.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00805888 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\wx._gdi_.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00811008 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\wx._windows_.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 01062400 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\wx._controls_.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00735232 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\wx._misc_.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00682496 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\pysqlite2._sqlite.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00087552 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\_ctypes.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00119808 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\win32file.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00108544 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\win32security.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00007168 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\hashobjs_ext.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00068096 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\usb_ext.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00167936 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\win32gui.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00018432 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\win32event.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00128512 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\_elementtree.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00127488 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\pyexpat.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00013824 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\common.time34.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00036864 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\_psutil_windows.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00038912 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\win32inet.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00011264 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\win32crypt.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00070656 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\wx._html2.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00027136 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\_multiprocessing.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00020480 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\_yappi.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00035840 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\win32process.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00686080 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\unicodedata.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00122368 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\wx._wizard.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00024064 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\win32pipe.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00010240 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\select.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00025600 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\win32pdh.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00525640 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\windows._lib_cacheinvalidation.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00017408 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\win32profile.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00022528 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\win32ts.pyd
2015-07-19 00:54 - 2015-07-19 00:54 - 00078336 _____ () C:\Users\pawan98\AppData\Local\Temp\_MEI3962\wx._animate.pyd
2015-07-14 21:48 - 2015-07-13 22:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-14 21:48 - 2015-07-13 22:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1189719033-285723195-1319920632-1001\...\dell.com -> dell.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1189719033-285723195-1319920632-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pawan98\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.5.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B7B3F967-4508-4D51-A758-538D0E93E592}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{D981D931-79D0-4535-9985-BF6BFF84DB28}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0814D19A-5A50-421F-B952-66FE85D95030}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{337709D8-79E1-4CAF-9BBD-5E7B23BFA958}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A6284401-F189-458D-B09B-C278ACB513B3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FF1A1656-EE33-490E-8F96-11EE9B2080F5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7470CD12-0D3C-40E7-B8E5-F93B4447696D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{38A3150E-2FE3-4823-9D91-D9D491149468}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{66E6F6CF-1E1A-4111-953D-927277B2FDE7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{93F04929-F1FE-4372-AFDE-5806F78E5EAB}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [TCP Query User{DC7EF3C5-C6D3-4C1D-870F-BA866003B040}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4F2951CD-6B30-43D5-9241-CE2BD316983A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{3F91121D-9039-457A-80B5-D1D34B9FBF17}] => (Allow) C:\Users\pawan98\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{00D01B45-F7DD-4D23-A4C2-C8C0E6D93165}] => (Allow) C:\Users\pawan98\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C55B5CE9-D513-4036-9789-2398D9343C9F}] => (Allow) C:\Users\pawan98\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{044F485C-8D6E-4409-805C-CFD987B4C1E0}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F2FB7A56-D08C-4A47-A967-4CFB9D096144}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{357CEF99-248C-4E0F-914C-54C1A929CD4D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{58A90727-1427-4D75-95FF-F7474E433519}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{771E61CF-05B1-4446-9E1F-BA06E28F4609}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2CBC6272-8BC1-48B9-82D5-3903A5C59BC6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{EB5141DF-90AB-44D6-B093-C659AABE2174}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C563AED9-B0C6-43A6-9999-DE1EA9D24CDC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{EB9F92A4-B661-4799-9E71-39AC81EB716A}C:\users\pawan98\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\pawan98\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C18E4526-476F-4736-BD5D-EA1CB7996FC2}C:\users\pawan98\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\pawan98\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{6346AE2D-C9BE-483D-AE85-44B07314AEFB}C:\program files (x86)\cisco packet tracer 6.1sv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.1sv\bin\packettracer6.exe
FirewallRules: [UDP Query User{C34EFF07-C826-4852-96C4-70E72E6B6591}C:\program files (x86)\cisco packet tracer 6.1sv\bin\packettracer6.exe] => (Allow) C:\program files (x86)\cisco packet tracer 6.1sv\bin\packettracer6.exe
FirewallRules: [{E38CA1F5-9528-4B5C-B557-F771F148A55A}] => (Block) C:\program files (x86)\cisco packet tracer 6.1sv\bin\packettracer6.exe
FirewallRules: [{2B535613-BBB3-4D09-AA69-5395BE331A86}] => (Block) C:\program files (x86)\cisco packet tracer 6.1sv\bin\packettracer6.exe
FirewallRules: [{56B4BDCC-19C4-4A75-A6FB-C8E9248B81B2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EA958EF0-1BC7-41BB-9471-3D76B8E3422D}] => (Allow) LPort=2869
FirewallRules: [{3F73B46D-8793-452E-A3B4-CC0EFEE90B68}] => (Allow) LPort=1900
FirewallRules: [{6F9743DA-2043-4DDD-8554-F576D45C31A9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/19/2015 01:14:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (1476) SRUJet: The database page read from the file "C:\Windows\system32\SRU\SRUDB.dat" at offset 8527872 (0x0000000000822000) (database page svchost0) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [20a01e350460c372] and the computed checksum was [000008210002b40b]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (07/19/2015 01:14:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (1476) SRUJet: The database page read from the file "C:\Windows\system32\SRU\SRUDB.dat" at offset 8593408 (0x0000000000832000) (database page svchost0) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [11f111f136fb45ba] and the computed checksum was [11f111f136fb4a42]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (07/19/2015 01:13:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (1476) SRUJet: The database page read from the file "C:\Windows\system32\SRU\SRUDB.dat" at offset 8527872 (0x0000000000822000) (database page svchost0) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [20a01e350460c372] and the computed checksum was [000008210002b40b]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (07/19/2015 01:13:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (1476) SRUJet: The database page read from the file "C:\Windows\system32\SRU\SRUDB.dat" at offset 8593408 (0x0000000000832000) (database page svchost0) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [11f111f136fb45ba] and the computed checksum was [11f111f136fb4a42]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (07/19/2015 01:12:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (1476) SRUJet: The database page read from the file "C:\Windows\system32\SRU\SRUDB.dat" at offset 8527872 (0x0000000000822000) (database page svchost0) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [20a01e350460c372] and the computed checksum was [000008210002b40b]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (07/19/2015 01:12:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (1476) SRUJet: The database page read from the file "C:\Windows\system32\SRU\SRUDB.dat" at offset 8593408 (0x0000000000832000) (database page svchost0) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [11f111f136fb45ba] and the computed checksum was [11f111f136fb4a42]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (07/19/2015 01:11:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (1476) SRUJet: The database page read from the file "C:\Windows\system32\SRU\SRUDB.dat" at offset 8527872 (0x0000000000822000) (database page svchost0) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [20a01e350460c372] and the computed checksum was [000008210002b40b]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (07/19/2015 01:11:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (1476) SRUJet: The database page read from the file "C:\Windows\system32\SRU\SRUDB.dat" at offset 8593408 (0x0000000000832000) (database page svchost0) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [11f111f136fb45ba] and the computed checksum was [11f111f136fb4a42]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (07/19/2015 01:10:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (1476) SRUJet: The database page read from the file "C:\Windows\system32\SRU\SRUDB.dat" at offset 8527872 (0x0000000000822000) (database page svchost0) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [20a01e350460c372] and the computed checksum was [000008210002b40b]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (07/19/2015 01:10:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (1476) SRUJet: The database page read from the file "C:\Windows\system32\SRU\SRUDB.dat" at offset 8593408 (0x0000000000832000) (database page svchost0) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [11f111f136fb45ba] and the computed checksum was [11f111f136fb4a42]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
System errors:
=============
Error: (07/18/2015 09:07:16 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (07/18/2015 05:07:02 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Lync 2013 (KB2956174) 64-Bit Edition.
Error: (07/18/2015 05:01:11 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Lync 2013 (KB2881013) 64-Bit Edition.
Error: (07/17/2015 04:59:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Lync 2013 (KB2956174) 64-Bit Edition.
Error: (07/17/2015 04:58:50 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Lync 2013 (KB2881013) 64-Bit Edition.
Error: (07/17/2015 03:56:29 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (07/16/2015 02:23:57 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (07/16/2015 12:13:05 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (07/15/2015 02:52:57 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Lync 2013 (KB2881013) 64-Bit Edition.
Error: (07/14/2015 09:20:43 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Microsoft Office:
=========================
Error: (07/19/2015 01:14:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost1476SRUJet: C:\Windows\system32\SRU\SRUDB.dat8527872 (0x0000000000822000)4096 (0x00001000)-1018 (0xfffffc06)[20a01e350460c372][000008210002b40b]2081 (0x821)
Error: (07/19/2015 01:14:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost1476SRUJet: C:\Windows\system32\SRU\SRUDB.dat8593408 (0x0000000000832000)4096 (0x00001000)-1018 (0xfffffc06)[11f111f136fb45ba][11f111f136fb4a42]2097 (0x831)
Error: (07/19/2015 01:13:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost1476SRUJet: C:\Windows\system32\SRU\SRUDB.dat8527872 (0x0000000000822000)4096 (0x00001000)-1018 (0xfffffc06)[20a01e350460c372][000008210002b40b]2081 (0x821)
Error: (07/19/2015 01:13:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost1476SRUJet: C:\Windows\system32\SRU\SRUDB.dat8593408 (0x0000000000832000)4096 (0x00001000)-1018 (0xfffffc06)[11f111f136fb45ba][11f111f136fb4a42]2097 (0x831)
Error: (07/19/2015 01:12:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost1476SRUJet: C:\Windows\system32\SRU\SRUDB.dat8527872 (0x0000000000822000)4096 (0x00001000)-1018 (0xfffffc06)[20a01e350460c372][000008210002b40b]2081 (0x821)
Error: (07/19/2015 01:12:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost1476SRUJet: C:\Windows\system32\SRU\SRUDB.dat8593408 (0x0000000000832000)4096 (0x00001000)-1018 (0xfffffc06)[11f111f136fb45ba][11f111f136fb4a42]2097 (0x831)
Error: (07/19/2015 01:11:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost1476SRUJet: C:\Windows\system32\SRU\SRUDB.dat8527872 (0x0000000000822000)4096 (0x00001000)-1018 (0xfffffc06)[20a01e350460c372][000008210002b40b]2081 (0x821)
Error: (07/19/2015 01:11:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost1476SRUJet: C:\Windows\system32\SRU\SRUDB.dat8593408 (0x0000000000832000)4096 (0x00001000)-1018 (0xfffffc06)[11f111f136fb45ba][11f111f136fb4a42]2097 (0x831)
Error: (07/19/2015 01:10:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost1476SRUJet: C:\Windows\system32\SRU\SRUDB.dat8527872 (0x0000000000822000)4096 (0x00001000)-1018 (0xfffffc06)[20a01e350460c372][000008210002b40b]2081 (0x821)
Error: (07/19/2015 01:10:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost1476SRUJet: C:\Windows\system32\SRU\SRUDB.dat8593408 (0x0000000000832000)4096 (0x00001000)-1018 (0xfffffc06)[11f111f136fb45ba][11f111f136fb4a42]2097 (0x831)
CodeIntegrity Errors:
===================================
Date: 2015-07-07 02:11:29.171
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-07 02:11:29.030
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-07 02:11:28.834
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-07 02:11:28.699
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-07 02:11:28.558
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-07 02:11:28.433
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-07 02:11:28.291
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-07 02:11:28.166
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-07 02:11:27.957
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-07 02:11:27.832
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 38%
Total physical RAM: 8072.96 MB
Available physical RAM: 4979.29 MB
Total Virtual: 9352.96 MB
Available Virtual: 5824.89 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:922.81 GB) (Free:604.16 GB) NTFS
Drive x: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.46 GB) NTFS
Drive y: (PBR Image) (Fixed) (Total:7.32 GB) (Free:0.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7DD6DA26)
Partition: GPT Partition Type.
==================== End of log ============================
Thanks.